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(54) Transaction authorization and alert system 

(57) An automated method for alerting a customer 
that a transaction is being initiated and lor authorizing 
the transaction based on a conlir mat ion/approval by the 
customer thereto. In accordance with one illustrative 
embodiment, a request to authorize the transaction is 
received, wherein the request includes a customer iden- 
tifier, a determination is made whether to authorize the 
transaction based on the customer identifier; il the de- 
termination is to authorize the transaction, that fact is 
communicated to the customer, a confirmation that the 
transaction should, in tact, be authorized is received 
back from the customer, and the transaction is author- 
ized in response to the customer's confirmation thereof. 
In accordance with another illustrative embodiment, a 
transaction initiated by an agent of the customer (i.e., 
the principal) is authorized by the principal when one or 
more threshold parameters that may be pre-defined by 
the principal are exceeded. A preferred mefriod of alert- 
ing the customer and receiving a confirmation to author- 
ize the transaction back from the customer is illustrative- 
ly afforded by conventional two-way pagers. 
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Description 

Field of the Invention 

This invention relates to a transaction authorization 
and alerting system, and more particularly to a method 
and apparatus lor using a communications system to 
alert an interested party ot a recently completed trans- 
action and/or to obtain authorization from the interested 
party for a pending transaction. 

Background of the Invention 

The credit card identification numbers assigned to 
credit card customers are presented to many different 
people in a variety of circumstances - when applying 
tor financial services, when concluding purchases in a 
store, and when making purchases over the telephone, 
through the mart, or over e-mail (electronic mail). The 
large number of people that have access to a customer's 
credit card number has frequently ted to fraud. The ad- 
vantages of using credit cards, however, are substan- 
tial. The customer finds their use advantageous in that 
he or she need not carry cash or write checks. Credit 
card purchases also have advantages to the retailer as 
compared, lor example, to payment by check, since the 
credit card service provider ensures timely payment to 
the retailer, regardless of when the customer pays the 
balance on the credit card account. However, credrt 
cards or credit card numbers are often stolen, and credrt 
card numbers are often used over the telephone or 
through the mail without any secure mechanism for con- 
firming the customer's identity. 

Telephone calling card numbers have security prob- 
lems similar to those of credrt cards. These numbers are 
often spoken aloud or entered through a touch tone key- 
pad, thereby allowing others the opportunity to record 
them (either electronically or by mere observation), and 
to then fraudulently use the numbers. Another common 
source ol fraud sterns from authorized usage ot a credit 
card or a telephone calling card followed by a customer 
denial that he or she made the purchase or placed the 
calL Thus, simply controlling access to the credit or call- 
ing card number without more may be inadequate. Com- 
puter access to secure databases is yet another exam- 
ple ol a transaction that depends upon private customer 
identifiers (r e , passwords) which through legator illegal 
channels may become known to others, thereby allow- 
ing unauthorized access to these databases. 

Prior art mechanisms tor handling such security 
concerns have not taken advantage of advances in 
communications and computer syst ems to automate the 
alerting and approval process. Most techniques which 
have heretofore attempted to address these security is- 
sues tend to significantly increase the complexity of the 
communication protocol For example, the customer 
may bo asked additional questions (the answers to 
which it is expected that only the authorized parry would 



know), or may be required to provide additional informa- 
tion as a part ot each transaction such as a (secret) Per- 
sonal Identification Number (PIN). Moreover, it may be 
required that such PINs be modified on a routine basis 
5 in order to maintain their secrecy. To encourage custom- 
ers to make use of these types of services (e.g., credit 
and calling cards), it has become common to limit the 
liability of the customer while increasing the liability of 
the service provider (e.g., the credit card vendor or tel- 
io ephone company). Unfortunately, unauthorized uses 
usually go undetected until a periodic service report is 
issued - typically, at the end ot a monthly billing cycle 
and long alter the fraud was perpetrated. 

In addition to the above -described security issues, 
is one commonly desired class of financial transactions in- 
volves a principal who empowers an agent to initiate and 
complete routine transactions without the principal's 
knowledge or approval. However, the principal often re- 
serves the right to be alerted to, or even to approve, such 
20 transactions, particularly when they are identifiably non- 
routine or atypical. For example, apjjjoval may be re- 
quired when certain threshold parameters that are as- 
sociated with the transaction (which may, lor example, 
be pre-defined by the principal) are exceeded. 
25 Prior art mechanisms tor handling such agent initi- 
ated transactions have also not taken advantage of ad- 
vances m communications and computer systems to au- 
tomate the alerting and approval process, thereby lim- 
iting the scope of applications of such transactions. For 
30 example, a card owner, such as a corporation (parent) 
that provides an employee (young adult) with a credit/ 
debit card to charge business (personal) expenses, typ- 
ically places certain restrictions on the use of the card 
by the cardholder to prevent abuses, excesses or fraud. 
35 Those restrictions include, tor example, upper limits on 
either the total amount of money that can be charged to 
a commercial credrt card, or the number ot transactions 
that can be authorized tor a credit card number within a 
predetermined period of time. Those restrictions some- 
40 times operate to deny access to credit to a cardholder 
who is stranded or facing an emergency situation, when 
ironically credit is most needed. This clearly defeats the 
purpose of empowering the employee or young adult. 
Yet, oversight of the use of those credit cards by the card 
45 owners is still needed since the card owners are ulti- 
mately financially responsible for the expenses charged 
to those credit cards. This issue lakes particular signif- 
icance when one considers that merchants concerned 
about lack of legal competency of minors to complete 
50 card transactions have been reluctant to accept debit or 
credit cards as a means of payment from minors. Hence, 
another specific problem of the prior art is lack of a flex- 
ible reslrictiun mechanism for principals to limit monitor, 
andtor approve use ot a card by cardholder tor non-rou- 
55 tine commercial transactions. 
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Summary ol the Invention 

We have recognized that the aforementioned prob- 
lems result from the inability to quickly and efficiently in- 
form the individual customer (e.g., the account holder 
of the principal) that his or her customer identifier (e.g., 
credit/debit/calling card number, PIN, password, etc. ) 
is being used in a transaction for a particular purpose, 
and the inability of the customer to respond thereto in 
order to confirm or deny its use. Thus, in accordance 
with certain illustrative embodiments of the present in- 
vention, an automated method for authorizing a trans- 
action is provided in which the customer is informed of 
a pending authorization thereof, and the transaction is 
then authorized only in response to a customer confir- 
mation. In accordance with certain other illustrative em- 
bodiments, the invention provides a method and a sys- 
tem which allow a principal to be automatically alerted 
to. and/or to promptly authorize, an agent-initiated 
transaction which may, for example, be deemed atypical 
based on a pre-stored profile specified by the principal. 

In accordance with one illustrative embodiment, a 
request to authorize a transaction is received, wherein 
the request includes a customer identifier; a determina- 
tion is made whether to authorize the transaction based 
on the customer identifier; if the determination is made 
to authorize the transaction, the pending authorization 
is communicated to the customer; a confirmation that 
the transaction is, in fact, to be authorized is received 
back from the customer; and the transaction is author- 
ized in response to the customer's confirmation thereof- 
One approach to communicating such a deter prona- 
tion to authorize the transaction and to receive such a 
confirmation to authorize from the customer is illustra- 
tively afforded by conventional two-way pagers. For ex- 
ample, a computer database, charged with the task of 
authorizing a transaction, may signal the customer via 
paging whenever his or her customer identifier is used. 
Along with this notification, relevant information may be 
displayed on the pager's alphanumeric (or numer tc) dis- 
play. The customer may then respond (via the two-way 
pager) by confirming or denying the pending authoriza- 
tion. 

According to one aspect of the invention, exception 
conditions that trigger a customer's alerting or approval 
process may be stored in a profile specified by the cus- 
tomer. This profile associates those exception condi- 
tions to a personal communications address, such as a 
paging number or a "500' or "700* prefix telephone 
number at which the customer can be reached. For 
credit/debit and catling card transactions, exception 
conditions may be caused, for example, by a request tor 
credit amount (or number of transactions) above thresh- 
old parameters pre- imposed by the card owner for ttie 
use of the card, or breach of other conditions pre-de- 
fined by the card owner for the use of the card. In ac- 
cordance with the principles of the invention, the card 
owner may elect to simply receive the alert message or 



to authorize/deny the charging of the expenses to the 
card number by transmitting an approval/disapproval 
message to the card issuer as part of the card validation 
process. 

5 According to another aspect of the invention, a mer- 
chant may request the approval of a parent or guardian 
to a debit/credit card transaction, such as a stored-value 
smartcard, presented to the merchant by a minor alleg- 
ing to act on behalf of the parent or guardian. In that 

io case, the card number, or a proxy thereof, may be used 
as a search key to retrieve the parent or guardian's pro- 
file that identities a communications address tor the par- 
ent or guardian. The transaction is approved only if an 
authorization message is received from the parent or 

is guardian. 

Brief Description of the Drawings 

FIG. 1 is a telecommunication system arranged in 
20 accordance with the invention to allow a card owner to 
authorize, or to be alerted to transactions charged to the 
card by a cardholder. 

FIG. 2 illustrates an exemplary message that is 
transmitted by an automatic dialing unit at a merchant's 
25 location to a card issuer's validation database. 

FIG. 3 shows an illustrative table that associates 
alerting threshold parameters to card numbers. 

FIG. 4 shows an illustrative generic message that 
is transmitted by an automatic dialing unit at a mer- 
30 chant's location to a card owner's communications de- 
vice. 

FIG. 5 shows specific exemplary messages that 
may be transmitted by a card validation system to a card 
owner's communications device. 
3S FIG. 6 is a table that correlates merchant codes to 
types of commercial establishments. 

FIG. 7 shows a flow diagram outlining illustrative 
programmed instructions executed by different ele- 
ments of the communications system of FIG. 1 to re- 
40 cerve approval for, or to alert a credit card owner to, a 
credit card transaction initiated by a card holder in ac- 
cordance with certain iflustrative embodiments of the 
present invention. 

FIG. 8 is a flow chart of illustrative programmed in- 
*5 struct ions executed by various components of the com- 
munications system of FIG. 1 to receive approval from 
a parent or a guardian of a minor initiated debit card 
transaction sn accordance with a first illustrative embod- 
iment of the present invention. 
so F IG. 9 shows a flow chart of a credit card purchase 
transaction to which certain illustrative embodiments of 
the present invention may advantageously be applied. 

FIG. 10 shows a flow chart of an authorization proc- 
ess in accordance with a second illustrative embodi- 
es rnent of the present invention. 

FIG. 11 shows a flow chart of an authorization proc- 
ess in accordance with a third illustrative embodiment 
of the present invention. 
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FIG. 1 2 shows a Mow chart ot an authorization proc- 
ess in accordance with a fourth illustrative embodiment 
ot the present invention. 

FIG. 1 3 shows a tlow chart ot a credit card purchase 
transaction to which a tilth illustrative embodiment ot the 
present invention may advantageously be applied. 

FIG. 14 shows a flow chart ol an authorization proc- 
ess in accordance with a litth illustrative embodiment of 
the present invention. 

Detailed Description 

Introduction 

Although the principles ol the present invention may 
be applied to many domains, the illustrative embodi- 
ments described in detail herein will locus on a credit 
card or debit card purchase transaction. In these em- 
bodiments, a cardholder, who may or may not be the 
customer ot the credit or debit card issuer, uses a credit 
or debit card (or a credit card number) to instruct a re- 
tailer (a provider ot a product or service) to charge a 
purchase to the given ciedit card account or to debit the 
amount ol the purchase Irom the given debit card ac- 
count. The credit or debit card number serves as a cus- 
tomer identilier to the credit card service provider (e.g., 
the issuer ol the credit card). 

FIG. 1 shows a communications system arranged 
in accordance with certain illustrative embodiments ot 
the present invention to implement the principles there- 
of. The communications system of FIG. t includes a 
communications network 102, a validation database 
1 06 and a paging system network 111. Communications 
network 102 includes one or a series ot interconnected 
communications switches arranged to relay to validation 
database 106 (via lines 130-1 to 130-N information le- 
ceived from card reader 101. Specifically, when a ciedit 
card holder hands a credit card to a merchant to charge 
expenses associated with a transaction, the merchant 
slides the credit card through card reader 101 to read 
the credit card number, for example, oft the magnetic 
stripe on the back of the credit card An automat ic dialing 
unit included in card reader 101 dials a telephone 
number associated with a database 106 of the card is- 
suer to validate the card number. In particular, card read- 
er 101 transmits to validation database 106 a validation 
request message that is illustratively represented in 
FIG. 2. 

Similarly, when the cardholder wishes to use a debit 
card such as an Automatic Teller Machine (ATM) card 
as a means of payment for a commercial transaction, 
the merchant enters a special code into card reader 101 
to initiate the alerting and approval process. Thereafter, 
card reader 101 retrieves the debit card number, for ex- 
ample, from the magnetic stripe on the back of the debit 
card before prompting the cardholder tor a secret code 
(e g t a PIN) Card reader 101 then transmits to valida- 
tion database 101 a validation request message that is 



illustrated in FIG. 2. 

The message shown in FIG. 2 includes a card 
number 201 , a requested credit amount 202, a merchant 
code 203, and a validation request 204. When card 

5 number 201 is a debit card number, it also includes the 
PIN entered by the caroTiolder. Merchant code 203 is a 
field that identifies the type of business lrom which the 
message associated with the transaction, is transmitted. 
Typically, the merchant code 203 is appended by card 

io reader 101 after the requested credit amount 202 has 
been entered by the merchant, and the calling card 
number 201 has been retrieved from the magnetic stripe 
on the back of the card. The validation roquest field 204 
stores the code entered by a merchant to receive ap- 

1* proval from the party authorized to give such approval 
for a debit card transaction. In the case where the card- 
holder is a minor, lor example, by requesting approval 
of the transaction from a parent or guardian ot the minor 
(i.e., the authorized party), the merchant and the debit 

20 card issuer are assured that the transaction cannot be 
voided by the minor at a later date on the ground that 
the minor lacked legal competency to enter into such 
transaction. 

Upon receiving a validation request message, vali- 

25 dat'ron database 1 06 uses card number 201 as a search 
key to perform a table look-up operation for the purpose 
ol retrieving the profile associated with the card number. 
When the cardholder is a minor, and the card is a stored- 
value smartcard, a passphrase or proxy information pro- 

30 vided by the minor may be used as search key to retrieve 
the profile of FIG. 3. 

validation database 106 is a processor-controlled 
centralized database facility which is a repository of 
records or profiles tor all credit/debit card numbers as- 

3S signed by a card issuer to its customers. Validation da- 
tabase 106 is designed to authorize transactions 
charged to card numbers stored therein. Such authori- 
zation may be based on a set ot pre-defined parameters 
included in the profiles associated with the card num- 

40 bers. When a retrieved profile does not include a re- 
quirement tor alerting or approval, validation of the card 
number may be performed in a conventional manner. 
When a profile stores alerting parameters that may re- 
quire communications with one or more called parties, 

45 validation database 106 uses one of the Automatic Di- 
aling Units (ADU) B0-1 to 110-N to dial a telephone 
number retrieved from a profile associated with a card 
number. 

Shown in FIG. 3 is an illustrative table that associ- 
50 ales alerting and approval threshold parameters to cred- 
it card numbers. Each record in the table of FIG. 3 is a 
profile tor a credit card number that is used to determine 
the manner in which transactions charged to that credit 
card number are processed. The table ot F IG. 3 includes 
55 a cardholder's name lietd 301 ; a card number field 302; 
alert and authorization flags 303 and 304, respectively; 
a trigger group of fields; a communications address field 
307; a no-answer-credit threshold field 309; and a no- 
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answer-transaction threshold field 310. Cardholder's 
name field 301 stores the name of a card holder asso- 
ciated with a particular card number. The cardholders 
name field may contain, tor example, the first and last 
name of the cardholder (as shown for the first and third 
record) or the first name (or nickname) of the cardholder 
(as shown for the second and fourth record). Credit card 
number 302 is used as a search key m the table lookup 
operation mentioned above, to retrieve the profile asso- 
ciated with that card number. The alert flag field 303 in- 
dicales that the card owner is to be notified, although 
possibly only under certain conditions. Such notification 
may be required, tor example, when processing of the 
transaction would either cause certain conditions pre- 
defined lor the use of the card to be breached, or a 
threshold parameter to be exceeded. The approval flag 
field 304 alerts the card issuer that credit card transac- 
tions that violate pre-established conditions need to be 
authorized by the card owner as part of the card valida- 
tion process. These pre-established conditions may be 
pre-selected by the card owner or they may be condi- 
tions imposed by the card issuer. The trigger group of 
fields depicted in FIG. 3 illustratively shows different pa- 
rameters which cause a card owner to be notified when 
those parameters exceed certain pre-defined thresh- 
olds. The "conditions" field 305 shows restrictions pre- 
selected by the card owners lor use of their credit cards. 
For example, the first record indicates that the card own- 
er wishes to be alerted whenever a cardholder charges 
more than one hundred (100) dollars to the credit card 
number. The third record illustrates that the card owner 
wishes to authorize any credit card transaction tor more 
than three hundred dollars. By contrast, the owner of the 
credit card number associated with the third record 
wishes to be alerted whenever that card is used at com- 
mercial establishments associated with specific mer- 
chant codes. Some card issuers assign distinct mer- 
chant codes to commercial establishments, such as 
bars, hotels and liquor stores, thereby allowing credit 
card transactions at those establishments to be easily 
identified. 

Other restrictions that may be imposed by a card 
owner may include, tor example, the 'maximum number 
ot transactions* field 306 which defines an upper limit 
on the number ot transactions that can be charged to a 
credit card number within a predetermined period ot 
time. For example, the second record indicates that the 
card owner's approval ts required to validate a credit 
card transaction when more than three credit card trans- 
actions have already been processed lor that credit card 
number within a twenty-lour (24) hour period. Such a 
condition may be useful for example, in detecting fraud- 
ulent use of a stolen credit card. When a transaction 
threshold number is used as a parameter tor processing 
a credit card transaction, the transaction counter field 
307 is incremented by 1 (one) every frme a credit card 
transaction is processed The transaction counter field 
307 is reset to "0* after the predetermined period (e.g.. 



24 hours) has expired. It will be appreciated that only a 
limited number of restrictions and/or authorizations are 
shown m FIG. 3 for ease of explanation, even though 
many other restrictions, obvious to those of ordinary skill 
5 in the art, may be requested by card owners or card is- 
suers for inclusion in the profile of FIG. 3. 

Whenever a card owner is to be notified of a condi- 
tion-breaching credit card transaction, the communica- 
tions address field 308 may be used to identify a tele- 
io phone number or an electronic mail address at which 
the card owner can be reached. Preferably, the commu- 
nications address field stores a pager number associat- 
ed with a communications carrier which provides paging 
service on a nationwide basis to contact, for example, 
is the card owners associated with the first and the fourth 
record. Alternatively, a personal telephone number, 
such as a *500* or a "700" prefix number may be used 
as a reach number tor a card owner, such as the card 
owner associated with the second and third record 
20 shown in FIG. 3. As another alternative, an electronic 
mail address may be used which, in various illustrative 
embodiments, may be either an address to which con- 
ventional electronic mail may be sent or an electronic 
address for use in other forms of electronic signaling 
2$ such as, for example, a direct message communicated 
to the computer screen ot a togged-on user or an inter- 
active electronic two-way communication mechanism 
(e.g., a "chaf or talk' program). 

Also included in the profile of FIG. 3 is no-answer - 
30 credit threshold field 309 and no-answer-lransaction 
threshold field 310. Those fields identify respectively, 
the maximum amount ot credit that can be approved, 
and the maximum number of permissible transactions 
within a given period of time, when the card owner can- 
35 not be reached by the communications system of FIG. 
1 . When the card owner does not wish any transactions 
to be authorized when he or she cannot be reached, 
then those fields are set to zero. 

When the cost associated with the commercial 
40 transaction is charged to a debit card, as opposed to a 
credit card, onfy the card holder's name field 301, the 
card number f ield 302 and the communications address 
field 308 are of particular relevance since the request 
lor approval is initialed by the merchant and the com- 
45 mercial transaction is not completed when the debit card 
holder cannot be reached. 

(deferring back to FIG. 1, when a transaction re- 
quest message, such as the one illustrated in FIG. 2, is 
received by validation database 106, the tatter uses a) 
so the information included in that message, and b) the re- 
trieved profile associated with the card number in that 
message to determine whether at least one card owner 
pre- imposed condition has been breached (or a card 
owner pre-defined threshold has been exceeded). If so. 
55 validation database 106 fetches the communications 
address of the credit card owner and any other appro- 
priate information to format an authorization request 
and/or alert message that is transmitted tothe card own- 
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er. One such message is illustrated in FIG. 4 which 
shows a card holder's name f ield 401 , a display field 402 
and a field 403 that is populated by an entry in the table 
illustrated in FIG. 5. The card holder's name is populated 
by the name that is included in the profile retrieved by 
validation database 106. Field 402 is a display field that 
always contains the two words "Credit Card/ Held 403 
is populated by one ot the entries in the table of FIG. 5. 

The table of FIG. 5 shows three separate entries 
501, 502 and 503 representing different sections ot 
three different messages. Each entry is comprised 
mainly of display information and one field that is popu- 
lated based on the particular condition that has been 
breached or the specific threshold that has been ex- 
ceeded For example, when the requested credit 
amount for the transaction exceeds the charging limit 
pre-selected by the card owner, field 505 will be popu- 
lated by the difference between the maximum charging 
amount and the requested credit amount. Similarly, 
when validation of a card number for a I ransact'ion would 
cause the maximum number ot transactions per day 
pre-selected by the card owner to be exceeded, the con- 
tent ot the transaction counter field is moved into field 
506. Likewise, when the card holder attempts to charge 
to a credit card number the expenses related to the pur- 
chase of an item from a commercial establishment that 
is associated with a prohibited merchant code, that code 
is translated to one ol the establishment type entries 
shown in the table of FIG. 6. That table correlates each 
merchant cede to a particular type of commercial estab- 
lishment. For example, hypothetical merchant code 
1234 is associated with liquor stores, while fictitious 
merchant code 4567 is mapped to hotels and motels. 
Thus, once a merchant code is to a commercial estab- 
lishment type entry, that entry is simply copied to field 
507 of FIG. 5. 

By populating field 403 of FIG. 4 with one of the en- 
tries in FIG. 5, a complete message is formulated for 
transmission to the card owner. Thereafter, validation 
database 106 retrieves the communications address in 
the profile to send to the card owner the message illus- 
trated in FIG. 4 via an idle automatic dialing unit selected 
from ADU 110-1 to ADD 110-N. The latter are arranged 
a) to initiate phone calls by dialing telephone numbers 
received from validation database 106 and, b) to bridge 
those calls to other communications devices upon de- 
tecting a feedback signal from the card owner. ADU 
110-1 to 110-N are also designed to terminate the call if 
no feedback signal is received after a predetermined pe- 
riod of time. 

If the communications address is a personal tele- 
phone number, such as a "500* or "700* prefix number 
(shown, tor example, in the third record ol FIG. 3), then 
database 106 transmits the message illustrated in FIG. 
4 to Interactive Voice Response System (IVRS) 125 be- 
fore sending the communications address of the card 
owner loan idle ADU. Upon receiving the number dialed 
by ADU 110-1, for example, communications network 



102 translates the '500* or "700* prefix telephone 
number to a Plain Old Telephone Service (POTS) tele- 
phone number at which the card owner can be reached. 
When ADU 110-1 detects a feedback signal from the 

5 card owner, it bridges the call (via line 1 40) to Interactive 
Voice Response System (IVRS) 125 that delivers the 
message ot FIG. 4 in audio form to the card owner al 
telephone set 145, tor example. Specifically, IVRS 125 
is a processor that executes text-to-speech synthesis 

w programmed instructions designed to use ASCII input, 
such as one of the messages shown in FIG. 4, to gen- 
erate a 'read aloud* audio rendition of that ASCII input 
in a machine synthesized voice. IVRS 125 is also ar- 
ranged to prompt a card owner to provide some input to 

'5 approve or disapprove a particular transaction. For ex- 
ample, a card owner may be prompted to enter a "1 * on 
a telephone dialpad to approve a transaction, or a *2" 
on the dialpad to disapprove the transaction. Also in- 
cluded in IVRS 125 is a means to respond to touch-tone 

20 commands from a caller . In particular, IVRS 125 is ar- 
ranged to translate the Dual Tone Multi- Frequency (DT- 
MF) signal received from the card owner to a machine- 
readable lormat, such as ASCII, that is recognizable by 
validation database 106. Alternatively, IVRS 125 may 

2S include a word recognition unit that is arranged to output 
digitally recorded words, such as the messages in FIG. 
5, to prompt a card owner for particular information that 
is converted to ASCII format for delivery to validation 
database 106. Furthermore, in order to insure that the 

30 person approving the transaction is the card owner, as 
opposed to an impostor, IVRS 125 may also include a 
speaker recognition unit that stores templates of pre- 
recorded digitized voice messages of the card owner 
that are compared to any input received from the called 

35 party to certify that the "rear card owner is the person 
approving the transaction. 

It the communications address rs a paging tele- 
phone number, then one ot the ADUs 110-1 to 110-N 
dials the paging telephone number to initiate a call to 

40 that paging telephone number for the purpose of deliv- 
ering one ot the messages ol FIG; 4 to pager device 1 35 
of the card owner. The call is routed over cornmunica- 
tions network 102 which uses one ot the demodulators 
120-1 to 120-N to transform the received message into 

45 proper signaling format for delivery to paging system 
network 111 which may be, tor example, a satellite- 
based nationwide paging service network. Alternatively 
paging system network 111 may be a cellular communi- 
cations network or a Personal Communications Servic- 

50 es (PCS) network. Paging system network 111 includes 
a base station (not shown) that receives the dialed 
number along with the message of FIG. 5. The base sta- 
tion then identities a particular frequency associated 
with that paging telephone number to code the rece ived 
55 message as a series of pulses represented by a carrier 
that is modulated on that frequency tor delivery to pager 
135 The latter converts the pulses into a series ot bytes 
representing the message of FIG. 5. Thereafter, pager 
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135 emits a loud beep to signal the card owner ol an 
incoming message. Alternatively, pager 135 could be a 
vibrating pager which silently alerts the card owner ol 
the incoming message through a vibration signal gen- 
erated therein m response to the reception of a mes- 
sage. 

When the incoming message is an alert signal from 
validation database 1 06; pager 1 35 can be any commer- 
cially available paging device with a small screen for dis- 
playing the message of FIG. 4. However, it an approval 
disapproval response is requested by validation data- 
base 106, pager 106 may advantageously be a twa way 
paging device, such as the device available from Mobile 
Telecommunications Technology Inc. of Jackson, Mis- 
sissippi. In that case, the card owner transmits an ap- 
pi oval/disapproval message by entering a pre-defined 
code in the two-way pager. The pre-def ined code is then 
transmitted to validation database 106 via paging sys- 
tem network 111. The pre-defined code is received by 
one of the demodulators 120-1 to 120- N which demod- 
ulates the signals associated with the received code tor 
presentation to validation database 106. Alternatively, 
pager 135 may be a one-way pager. In this case, it an 
approval/disapproval response is requested by valida- 
tion database 106, the card owner may communicate 
an approval/disapproval message to validation data- 
base 106 by other means, such as with use of a con- 
ventional telephone, tor example. 

A first illustrative embodiment 

FIG. 7 shows a flow diagram in accordance with cer- 
tain illustrative embodiments of the present invention 
outlining programmed instructions executed by different 
elements of the communications system of FIG. 1 to re- 
ceive an approval from a credit card owner tor, or to alert 
a credit card owner of, a credit card transaction initiated 
by a card holder The process shown in FIG. 7 is initiated 
in step 701 when validation database 106 receives a val- 
idation request for a credit card number. As mentioned 
above, the request tor approval may be recerved m the 
form of a data message, such as the one illustrated in 
F IG. 2. Upon receiving the credit card number, validation 
database 106 uses the recerved credit card number as 
a search key in an attempt to retrieve a profile for the 
credit card number, H no profile is available in the vali- 
dation database for the credit card number, as deter- 
mined in step 702, validation database returns an •un- 
authorized transaction* message to card reader 101 via 
ccjmmunications network 102. When validation data- 
base 106 is able to retrieve a profile tor the card number, 
the profile is analyzed in step 704 to determine whether 
the requested credit amount or the type of transaction, 
tor example, triggers any alerting or request tor approval 
conditions. It no such conditions are triggered, validation 
database 106 proceeds with the validation process m a 
conventional manner. Otherwise, in step 706, validation 
database 106 ascertains whether the card owner is only 



to be alerted when the pre-defrned condition is encoun- 
tered. If so. validation database 106 retrieves from the 
profile the card owner's communications address to 
which the alerting message is sent, as indicated in step 
5 707. Thereafter, validation database 1 06 proceeds with 
the validation process in a conventional manner. 

When the profile retrieved by validation database 
1 06 indicates that the card owner is to approve the credit 
card transaction (such as the one requested by the card 
io holder) validation database 106 formulates a request tor 
approval message (using appropriate entries in FIG. 4 
and FIG. 5) for transmission to the card owner, as indi- 
cated in step 708. As mentioned above, the request for 
approval message may be delivered in the form of a tel- 
J5 ephone call or a paging message. After the transmission 
of the message, validation database waits for a re- 
sponse from the card owner. When validation database 
determines, in step 709, that no response is forthcoming 
after a pre-defined period of time has expired, validation 
20 database 106, in step 711, assesses whether the re- 
quested credit amount exceeds the no-answer-credrt 
threshold. As indicated earlier, the no-answer-credit 
threshold is a field in the profile for a card number which 
stores the maximum amount of credit that can be ap- 
25 proved tor a credit card transaction when the credit card 
owner cannot be reached by the communications sys- 
tem of FIG. 1. If the requested credit amount exceeds 
the no-answer-credit threshold, as determined in step 
711, then validation database 106 returns an ■unauthor- 
30 ized transaction' message to card reader 101 . If the re- 
quested credit amount does not exceed the no-answer- 
credit thieshold, the content of the transaction counter 
field in the profile is compared to the no-answer-trans- 
action threshold to determine whether this threshold has 
35 been exceeded. If so, validation database 106 returns 
an invalid card message to card reader 101, as indicated 
in step 705. If neither of the no-answer- thresholds has 
been exceeded, validation database 106 completes the 
validation process in a conventional manner, as indicat- 
40 ed in step 703. 

When validation database 106 receives a response 
from the card owner within a pre-defined period ol time, 
as determined in step 709, validation database 106 then 
assesses whether the response indicates approval ol 
45 the transaction by the card owner. It so, validation data- 
base completes the validation process in a conventional 
manner, as indicated in step 705. Optionally, the card- 
holder may be required to provide a secret code that 
matches a similar code included in the response re- 
50 cerved from the card owner before the transaction is au- 
thorized. If a disapproval response is recerved from the 
card owner, validation database 106 returns an •unau- 
thorized transaction* message to card reader 101. 
FIG. 8 is a flow chart outlining instructions per- 
55 formed by the elements of the illustrative communica- 
tions system of FIG. 1 to validate a debit card transaction 
in accordance with a first ilhistralrve embodiment of the 
present invention. The process depicted in FIG. 8 is in 
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rtiated in step B01 when validation database 106 re- 
ceives a debit card number and a password entered by 
a minor card holder. Validation database 106 launches 
a query on its storage devices to determine, in step 802, 
whether a profile can be retrieved for the received card 
number. It no profile is found, validation database 106 
transmits an 'unauthorized transaction* message to 
card reader 101 , as indicated in step 803. Upon retriev- 
ing a profile tor the card number, validation database 
106 formulates a message using one of the entries of 
FIG 4 for transmission to the card owner. Thereafter, 
validation database 106 waits a pre-defined amount of 
time to determine whether a response is received from 
the card owner, ft the pre-defined amount of time expires 
before a response is received from the card owner, val- 
idation database 106 returns an 'unauthorized transac- 
tion' message to card reader 101', as indicated in step 
803. When a response indicative ol the card owner's ap- 
proval of the transaction is received from the card owner, 
as determined in step 806, validation database 106 pro- 
ceeds with the validation process In a conventional man- 
ner, as indicated in step 807. It the card owner sends a 
message disapproving the debit card transaction, vali- 
dation database 106 sends an "unauthorized transac- 
tion* message to card issuer 101, as indicated in step 
803. 

In other illustrative embodiments of the present in- 
vention, the authorization of a transaction may need to 
be approved by more than one party. For example, if the 
charge account is a corporate account and the amount 
ol the charge is over a certain predefined threshold, it 
may be required that two authorized parties (e.g., cor- 
porate executives) approve the transaction. This is anal- 
ogous, tor example, to the common requirement that 
corporate checks over a certain amount (e.g., $1,000) 
include two authorized signatures to be valid. Similarly* 
if the transaction involves, tor example, the dispensing 
of medications in a hospital (see below), it may be de- 
sirable that both the patient's doctor and the hospital's 
pharmacist approve the treatment. In these cases, step 
806 of FIG. 8 is modified to determine whether all parlies 
which are required to approve the transaction have done 
so. 

A second illustrative embodiment 

FIG. 9 shows a flow chart of a credrt card purchase 
transaction to which certain illustrative embodiments of 
the present invention may advantageously be applied. 
The transaction is initiated by a cardholder (ie., the cus- 
tomer) who instructs a retarler to charge a purchase to 
a given credit card account (step 11). This instruction 
usually takes the form of providing a credit card or a 
credrt card number to the retailer. This transaction may 
occur with the customer and the retailer co-present and 
in real-time, while the customer is waiting. In this case, 
the timeliness with which the authorization process is 
completed is clearly of great importance, since the rel- 



evant parties are awaitmg such authorization before 
they may proceed with other endeavors. (For example, 
they may be waiting so that the retailer may hand over 
the goods to the customer or provide a service thereto.) 
5 Thus, the communication to the customer and a confir- 
mation or denial of authorization by the customer should 
advantageously occur quickfy. For this reason, the use 
of two-way pagers is preferred for this type of application 
of the principals of the present invention. 
io in alternative applications, the customer may have 
instructed the retailer (or an agent of the retailer) in per- 
son or via some communication mechanism (e.g., a 
phone, mail, facsimile or electronic mail) at a time prior 
to the initiation of the transaction. Such instructions 
J 5 might cover an immediate one-time purchase, a future 
purchase (eg., the goods or service may not be imme- 
diately available) or a series of purchases to occur over 
a period of time. In cases such as these where the cus- 
tomer, and the retailer are not co-present, the parties 
20 most typically do not require the authorization to be com- 
pleted before they may proceed with other endeavors. 
That is, it may be acceptable in these cases that the au- 
thorization process be completed over a longer period 
of time such as, for example, several hours or even a 
2S day. In these cases, therefore, other less immediate 
communications mechanisms may be used, such as 
those provided by conventional telephones, e-mail, or, 
in some circumstances, even physical mail. 

In any event, the retailer's typical response to such 
30 instructions is to signal a transaction processing center 
(or a network of such centers) which is associated with 
the credrt card service provider that a particular custom- 
er (identified by his or her credit card number) wishes to 
purchase goods or services of a particular value. Thus, 
ss the retailer requests an authorization for the charge from 
the transaction processing center (step 12). Typically, 
this request is init iated by swiping the credit card through 
an automated card reader (such as card reader 101 of 
FIG. 1) which reads the magnetic stripe on the credit 
40 card, dials the transaction processing center, sends the 
relevant information thereto and receives either an au- 
thorization code or a denial in response therefrom. The 
information transmitted to the transaction processing 
center typically includes the credit card number, the 
45 amount of the contemplated purchase, and the retailer's 
store identification code (eg., card number 201, re- 
quested credrt amount 202, and merchant code 203 of 
FIG. 2, respectively). The retailer then waits for an au- 
thorization from the transaction processing center which 
so represents that the charge will be underwritten (i.e., in- 
sured) by the credit card service provider. This authori- 
zation is typically sent to the retailer in the form of an 
authorization code which identifies the transaction and 
can thereby be used to verify that the authorization proc- 
55 ess was property adhered to by the retailer. One typical 
reason tor dental, on the other hand, is that the balance 
on the customer's account has exceeded (or, if the given 
purchase were authorized would exceed) a piedeter- 
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mined credit limit associated with the customer's ac- 
count. In accordance with certain illustrative embodi- 
ments ot present invention, another reason lor denial is 
the rack ol the receipt ot an appropriate contirmation (or 
the receipt of an explicit denial) by the customer whose 
account is to be charged. 

At the transaction processing center, the authoriza- 
tion process is perlormed automatically by a computer 
based system comprising, inter alia, a database (e.g., 
validation database 106 ot FIG. 1) containing account 
information lor each credit card subscriber (step 13). 
That is, such a system automatically makes the decision 
whether to authorize or deny the transaction - no hu- 
man intervention is typically required at the transaction 
processing center. It the transaction is authorized (de- 
cision 14), as is typically indicated by the appearance ot 
the authorization code on the display ot the retailer's 
card reader, the retailer is thereby authorized by the 
credit card issuer to accept the charge lor the purchase 
Thus, the charge is accepted and the transaction is com- 
pleted {step 15) II, on the other hand the transaction is 
denied by the transaction processing center (typically 
indicated by the appearance ot a denial code on the card 
reader's display), the retailer denies the charge and ter- 
minates the transaction (step 16). 

FIG. 10 shows a How chart o! an automated author- 
ization process which may be used to implement step 
1 3 ol the process of FIG. 9 in accordance with a second 
illustrative embodiment ot the present invention. The 
process ot FIG. 10 is illustratively executed by a com- 
puter system at the transaction processing center in re- 
sponse to each received request for the authorization of 
a transaction. The received authorization request (typi- 
cally transmitted by an automated card reader at the re- 
tailer's location such as card reader 101 ot FIG. 1) in- 
cludes, in particular, a customer identifier (i.e., the credit 
card number) and may. tor example, also include the 
amount ot the proposed purchase and the retailer's 
store identification code (step 20). Based on the cus- 
tomer identifier, a database (such as validation data- 
base 106 of FIG. 1) is consulted to determine whether 
the transaction should be authorized (steps 21 and 22). 
For example, the database may include account bal- 
ance and credit limit information indicating that the cus- 
tomer's account balance is not permitted to exceed a 
given credit limit. In such a case, the system will deter- 
mine that the transaction should not be authorized if the 
sum of the account balance and the amount of the pur- 
chase to be authorized exceeds the credit limit. In addi- 
tion, invalid or (known to be) stolen credit cards obvi- 
ously should not be authorized. 

It it is determined from the analysis ot step 22 that 
the purchase should not be authorized tor some reason 
(decision 23), the system will format a denial code (step 
24) It, on the other hand, there is no basis tor denying 
the transaction, the system will, in accordance with the 
principles of the present invention, make an attempt to 
have the (tentative) authorization confirmed by the cus- 



tomer. In particular, and in accordance with a second 
illustrative embodiment thereof, the system will auto- 
matically page the customer (using, tor example pager 
135 of FIG. 1), supplying to him or her any relevant in- 
5 . formation concerning the purchase (step 25). For exam- 
ple, the system might supply the customer with an iden- 
tity of the retailer andfor the amount ot the purchase, in 
order to enable the customer to more accurately ensure 
that the transaction to be authorized is, in fact, the one 
io he or she is presently undertaking, or, alternatively, that 
the transaction is one being undertaken by an agent and 
the principal (i.e., the customer) approves thereof. The 
customer's pager number (i.e., the telephone number 
which is used to communicate with the pager) may, tor 
is example, be stored in the database and associated with 
the customer's account, as is shown in FIG. 3. 

Once the customer has been paged, the system ol 
the second illustrative embodiment waits tor a confirma- 
tion from the customer which may be supplied with use 
so of the customer's two-way pager (step 26). It the cus- 
tomer responds with an appropriate contirmation (deci- 
sion 27), the system generates, lormats and stores an 
authorization code which will enable the transaction to 
be completed. It, on the other hand, the customer does 
ss not confirm the transaction (e.g., if no response is re- 
ceived from the customer within a predetermined 
amount of time), the system formats a denial code (step 
24). After either a denial code or an authorization code 
has been formatted, it is sent to the retailer (e.g.., to card 
30 reader 101 ol FIG. 1 j who originally submitted the au- 
thorization request (step 29). 

A Third Illustrative Embodiment 

35 FIG. 1 1 shows a flow chart of an automated author- 
ization process which may be used to implement step 
13 ot the process of FIG. 1 in accordance with a third 
illustrative embodiment of the present invention. As can 
be seen from the figure, the illustrative process of FIG. 

to it is identical to the illustrative process shown in FIG. 
10 except that decision 27, which determined whether 
a confirmation was received from the customer is re- 
placed by decision 30, which determines whether a de- 
nial is received from the customer. Other embodiments 

4S of the present invention may combine those shown in 
FIG. 10 and FIG. 11 by accepting either a confirmation 
or a denial from the customer In such a case, the default 
(i.e., timeout) criterion may be either an assumed con- 
tirmation or an assumed denial. 

so 

A Fourth Illustrative Embodiment 

FIG. 1 2 shows a flow chart of an authorization proc- 
ess which may be used to implement step 1 3 ol the proc- 
55 ess of FIG. 9 in accordance with a fourth illustrative em- 
bodiment of the present invention. This fourth embodi- 
ment may advantageously be employed when the cus- 
tomer has only a one-way (as opposed to a two-way) 
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pager, since it allows for the customer's confirmation to 
be communicated indirectly through the retailer. Specif- 
ically, the illustrative process of FIG. 12 is identical to 
that of the illustrative embodiment of FIG. 10 and FIG. 
1 1 except in the mechanism by which the customer con- 
firmation is requested and received. 

In particular, when decision 23 determines that it is 
okay to authorize the transaction, the illustrative system 
of this fourth embodiment generates a confirmation 
code and supplies thai code to the customer via his or 
her (one-way) pager (steps 41 and 42) The supplied 
confirmation code may, for example, be randomly gen- 
erated so as not to be predictable. In this manner, the 
confirmation code will be known only to the customer 
(and not, for example, to a fraudulent user of the cus- 
tomer's ciedit card number who is not in possession of 
the customer's pager). The confirmation code may then 
be used to indirectly confirm the authorization. For ex- 
ample, where the customer is making a tace-to-f ace pur- 
chase in a store, the customer may provide the confir- 
mation code supplied by the transaction processing 
center to the retailer, who may, in turn, provide that con- 
firmation code back to the transaction processing cent- 
er. This latter step may be performed, for example, with 
use of the automated card reader which is already in 
communication with the transaction processing center. 

Thus, after the illustrative process of FIG. 12 has 
supplied the confirmation code to the customer, step 43 
waits for a responsive input which includes a (return) 
confirmation code (e.g., from the automated card read- 
er). Then, the confirmation code which was supplied for 
the given transaction is compared to the confirmation 
code that was received (decision 44) to ensure that the 
customer is, in tact, providing a proper confirmation of 
the authorization. It the supplied confirmation code 
matches the recerved conf irmation code, the system au- 
thorizes the transaction (steps 28 and 29). It they do not 
match, or if the system receives no responsive confir- 
mation code after a predetermined amount of time has 
elapsed, the transaction is denied (steps 24 and 29). 

A Fifth Illustrative Embodiment 

FIG. 1 3 shows a flow chart of a credit card purchase 
transaction to which a fifth illustrative embodiment of the 
present invention may advantageously be applied. This 
fifth embodiment eliminates the need tot performing 
multiple communications at the time of purchase. That 
is, the extra time that may otherwise be required to page 
the customer and receive a conf irmation or denial of the 
pending authorization are not needed when this litth il- 
lustrative embodiment is employed. 

Prior to the initiation of the transaction itself, the cus- 
tomer requests and recerves a confirmation code tor use 
in a specifically identified subsequent transaction (steps 
51 and 52). This confirmation code, which may, for ex- 
ample, be randomly generated, will be known only to the 
customer who intends to execute the specific transac- 



tion (e.g., make a particular purchase), or, alternatively, 
to an agent of the customer (i.e., the principal) to whom 
the customer has communicated the given confirmation 
code. The specific transaction may, tor example, be 
5 identified based on the retailer's store identification code 
(such as merchant code 203 of FIG. 2) or other identi- 
fying indicia of the retailer. Then, when the purchase is 
initiated, the customer (or the principal's informed 
agent) provides the previously received confirmation 
io code to the retailer, who, in turn, provides the confirma- 
tion code to the transaction processing center which 
performs the automated authorization process (steps 
53-55). The automated authorization system can then 
use the recerved confirmation code tn a manner similar 
*5 to that of the fourth illustrative embodiment shown in 
FIG 12 tor purposes of confirming an authorization of 
the transaction. Note that since the two-way communi- 
cation process of steps 51 and 52 need not occur at the 
time (or at the location) of the purchase but, rather, may 
20 precede the transaction by a substantial amount ol time, 
a wide variety of communications devices (in addition to 
one-way or two-way pagers) may advantageously be 
used in realizing the fifth illustrative embodiment 

FIG. 14 shows a flow chart of an automated author- 
ization process which may be used to implement step 
55 of the process of FIG. 13 in accordance with the Fifth 
illustrative embodiment of the present invention. As de- 
scribed above, upon the receipt of a customer's request 
for a confirmation code to be used in executing a specific 
3D (future) transaction, the illustrative authorization system 
generates and supplies a confirmation code to the cus- 
tomer. In addition to its being supplied to the customer, 
however, this confirmation code is associated with the 
customer identifier and, lor example, the retailer store 
35 identification code, and this data is then stored in the 
transaction processing center database (e.g., validation 
database 106 of FIG. 1) for later retrieval - that is, when 
the identified transaction is actually executed. Thus, up- 
on a request for authorization of the given transaction, 
40 the illustrative process of FIG. 1 4 retrieves the previous- 
ly supplied confirmation code from the database based 
on the customer identifier and the retailer store identifi- 
cation code (steps 61 and 62). Then, after it is deter- 
mined that the transaction should (otherwise) be author- 
4S ized, the system verifies that the confirmation code re- 
ceived with the request for authorization matches the 
confirmation code previously supplied to the customer 
(decision 63). H they do in fact match, the authorization 
may be confirmed (steps 28 and 29). 

so 

A Sixth Illustrative Embodiment 

In accordance with a sixth iBuslratrve embodiment 
of the present invention, a confirmation code may be 
55 provided to a customer without the customer making a 
specific request therefor. This embodiment may be ad- 
vantageously applied to a credit card purchase transac- 
tion in a similar manner to the tilth illustrative embodi- 
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mont described above. In particular, Ihe flow chart 
shown in FIG. 13 may be modified by removing slep 51 
therefrom Then, instead of the customer requesting and 
receiving a confirmation code tor use in a specifically 
identified subsequent transaction, the customer (auto- 
matically) receives a new confirmation after each trans- 
action and/or periodically (e.g., each morning) tor use 
in his or her nexl transaction. By limiting the use of the 
given confirmation code to. tor example, a single trans- 
action, the advantages of the present invention in pro- 
tecting against fraudulent transactions is obtained, while 
no direct communication from the customer to the trans- 
action processing center is required. Thus, for example, 
as in the case of the fourth and firth illustrative embod- 
iments, one-way pagers may advantageously be used. 
Moreover, the use of a confirmation code which does 
not match the last previously supplied conlirmation code 
but, rather, matches one used in a previous transaction 
may well be indicative of fraud. 

Although a number ol specific embodiments of this 
invenlion have been shown and described herein, it is 
to be understood that these embodiments are merely 
illustrative of the many possible specific arrangements 
which can be devised in application of the principles of 
the invention. Numerous and varied other arrangements 
can be devised in accordance with these principles by 
those of ordinary skill in the art without departing from 
the spirit and scope of the invention. For example, al- 
though the embodiments described above have fo- 
cused on a credit card purchase transaction, it will be 
obvious to those of ordinary skin in the art that the prin- 
ciples of the present invention may be applied to a wide 
variety of transactions including, but not limited to, tele- 
phone calling card transactions, banking transactions 
including those using PINs, slock and commodity trad- 
ing transactions, and secure access transactions such 
as computer access transactions based on computer 
passwords. In addition, the principals ol the present in- 
vention may be applied to numerous other types of se- 
cure access transactions such as physical access (i.e., 
entry) transactions including those used tor purposes of 
inventory control. For example, an entry door to a secure 
room (e.g., a hospital's medication room) or to a secure 
facility may be locked by an electronic locking system 
(e.g., combination keypad or card access entry) which 
is electronically linked to a central facility such as the 
transaction processing center described above. Then, 
any attempt to enter the room or facility may be made 
subject to conf irmation in accordance whh the pr incipals 
ol the present invention. 

In addition, although the above embodiments fo- 
cused primarily on communication via wireless paging 
devices (e.g., one-way or two-way pagers), it will be ob- 
vious to those skilled in the art that many other commu- 
nications mechanisms may be used instead of , or in ad- 
dition to, wireless paging devices. 1 hese mechanisms 
include, tor example, cellular telephones, conventional 
wired telephones, personal computers, etc. 



Claims 

1. An automated method tor authorizing a transaction, 
said transaction based on a customer identifier as- 

5 sociated with a customer, the method comprising 
the steps of: 

receiving a request to authorize said transac- 
tion, said request including said customer kJen- 

io tifier; 

determining, in response to said request and 
based on said customer identifier, whether to 
authorize said transaction, 
if said determining step determines that said 

*5 transaction is to be authorized, communicating 

said determination to said customer; 
receiving a communication from said customer 
confirming that said customer consents to said 
transaction being authorized; and 

20 authorizing said transaction in response to said 

communication received from said customer. 

2. An automated method for authorizing a transaction, 
said transaction based on a customer identifier as- 

25 sociated with a customer, the method comprising 
the steps of; 

receiving a request to authorize said transac- 
tion, said request including said customer kten- 

30 tifier, 

determining, in response to said request and 
based on said customer identifier, whether to 
authorize said transaction; 
if said determining step determines that said 

35 tr ansact ion is to be author iz ed, communicating 

said determination to said customer; and deter- 
mining whether a communication indicating 
that said transaction is not to be authorized is 
received within a given amount of time from 

ao said customer; and 

authorizing said transaction if said communica- 
tion from said customer is not received within 
said given amount of time. 

as 3. The method of claim I or 2 wherein sad step of com- 
municating said determination to said customer 
comprises transmitting signals representative of 
said determination to a wireless telecommunica- 
tions receiver. 

so 

4. The method ol claim 3 wherein said wireless tele- 
communications receiver comprises a display and 
wherein said step of communicating said determi- 
nation to said customer comprises communicating 

55 said customer identif ier to said customer. 

5. The method of claim 3 wherein said wireless tele- 
communications receiver comprises a display and 
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wherein said step ot communicating said determi- 
nation to said customer comprises communicating 
an identity of said provider to said customer 

6. The method ot claim 3 wherein said wireless tele- 
communications receiver comprises a two-way 
pager and wherein said communication from said 
customer confirming that said customer consents 
to said transaction being authorized is transmitted 
by said customer with use of said two-way pager. 

7. An automated method for authorizing a transaction, 
said transaction based on a customer identifier as- 
sociated with a customer, the method comprising 
the steps of: 

communicating to said customer a confirmation 
code for use in executing said transaction; 
receiving a request to authorize said transac- 
tion, said request including said customer iden- 
tifier and said conftrrnation code; 
determining, in response to said request, based 
on said customer identifier, and based on 
whether said received confirmation code 
matches said confirmation code communicated 
to said customer, whether to authorize said 
transaction; 

authorizing said transaction it said determining 
step determines that said transaction is to be 
authorized. 

8. The method of claim 7 wherein said step ol commu- 
nicating to said customer a confirmation code tor 
use in executing said transaction is performed in re- 
sponse to receiving a communication from said cus- 
tomer indicating that said customer desires to exe- 
cute said transaction. 



to said customer a confirmation code for use in 
completing execution ot said transaction; 
receiving a communication comprising said 
confirmation code; and 
5 authorizing said transaction in response to said 

received confirmation code matching said con- 
firmation code communicated to said customer. 

11. The method of claim 7 or 10 wherein said step of 
communicating to sard customer said confirmation 
code comprises encoding said confirmation code to 
provide a secure communication thereof. 

12. The method ot claim 1,2,7 or 10 wherein said trans- 
'5 action comprises a sales transaction and wherein 

said customer identifier comprises a credit card 
number. 

1 3. The method of claim 1 , 2, 7 or 1 0 wherein said trans- 
20 action comprises placing a telephone call and 

wherein said customer identifier comprises a tele- 
phone calling card number. 

14. The method of claim 1 , 2, 7 or 10 wherein said trans- 
2S action comprises a banking transaction and where- 
in said customer identifier comprises a bank card 
number. 

15. The method of claim 1 , 2, 7 or 10 wherein said cus- 
30 lomer identifier comprises a Personal Identification 

Number. 

16. The method of claim 7 or 10 wherein said step of 
communicating said confirmation code to said cus- 

3S tomer comprises transmitting a signal representa- 
tive ot said confirmation code to a wireless telecom- 
munications receiver. 



9. The method of claim 7 further comprising the step 

of communicating a second confirmation code to <o 
said customer after authorizing said transaction, 
said second confirmation code for use in executing 
a second transaction subsequent to said transac- 
tion and being different from said confirmation code. 

45 

10. An automated method tor authorizing a transaction, 
said transaction based on a customer identifier as- 
sociated with a customer, the method comprising 
the steps of: 

so 

receiving a request to authorize said transac- 
tion, said request including said customer iden- 
tifier; 

determining, in response to said request and 
based on said customer identifier, whether to 55 
authorize said transaction; 
it said determining step determines that said 
transaction is to be authorized, communicating 



17. The method of claim 3 or 16 wherein said wireless 
telecommunications receiver comprises a pager. 

1 8. An automated system tor use in authorizing a trans- 
action, said transaction based on a customer iden- 
tifier associated with a customer, the system com- 
prising 

a receiver adapted to receive a request to au- 
thorize said transaction, said request including 
said customer identifier; 

means lor determining, in response to said re- 
quest and based on said customer identifier, 
whether to authorize said transaction; 
a transmitter adapted to communicate said de- 
termination to said customer if said means tor 
determining determines that said transaction is 
to be authorized; 

a receiver adapted to receive a communication 
from said customer confirming that said cus- 
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tomer consents to said transaction being au- 
thorized; and 

means tor authorizing said transaction in re- 
sponse to said communication received trom 
said customer. 5 

19. An automated system tor use in authorizing a trans- 
action, said transaction based on a customer iden- 
tifier associated with a customer, the system com- 
prising: 10 

a receiver adapted to receive a request to au- 
thorize said transaction, said request including 
said customer identifier, 

means lot determining, in response to said re- '5 
quest and based on said customer identifier, 
whether to authorize said transaction; 
a transmitter adapted to communicate said de- 
termination to said customer if said means lor 
deteimining determines that said transaction is 20 
to be authorized; 

a timer adapted to determine whether a com- 
munication indicating that said transaction is 
not to be authorized is received within a given 
amount ol time from said customer; and 25 
means tor authorizing said transaction il said 
communication trom said customer is not re- 
ceived within said given amount ol time. 

20. An automated system for use in authorizing a trans- 30 
action, said transaction based on a customer iden- 
tifier associated with a customer, the system com- 
prising: 

a receiver adapted to receive a communication 35 
trom said customer indicating that said custom- 
er desires to execute said transaction; 
a transmitter adapted to communicate to said 
customer a confirmation code tor use in execut- 
ing said transaction; 40 
a receiver adapted to receive a request to au- 
thorize said transaction, said request including 
said customer identifier and said confirmation 
code; 

means for determining, in response to said re- 
quest, based on said customer identifier, and 
based on whether said received confirmation 
code matches said confirmation code commu- 
nicated to said customer, whether to authorize 
said transaction; and 50 
means for authorizing said transaction if said 
means for determining determines that said 
transaction is to be authorized. 

21. An automated system tor use in authorizing a trans- 55 
action, said transaction based on a customer iden- 
tifier associated with a customer, the system com- 
prising: 



a receiver adapted to iccerve a request to au- 
thorize said transaction, said request including 
said customer identifier; 
means tor determining, in response to said re- 
quest and based on said customer identifier, 
whether to authorize said transaction; 
a transmitter adapted to communicate to said 
customer a confirmation code for use in com- 
pleting execution of said transaction if said 
means tor determining determines that said 
transaction is to be authorized; 
a receiver adapted to receive a communication 
comprising said confirmation code; and 
means lor authorizing said transaction in re- 
sponse to said lecerved continuation code 
matching said confirmation code communicat- 
ed to said customer. 

22. A method of processing a transaction, the method 
comprising the steps of: 

receiving information associated with a trans- 
action initiated by an agent of a principal; 
retrieving a profile based on said information 
associated with said transaction; 
comparing at least a portion of said information 
lo data included in said profile; and 
in response to said comparison, notifying said 
principal of said transaction 

23. The method of claim 22 wherein said notifying step 
further includes the step of transmitting a message 
to said principal to request approval for the trans- 
action. 

24. The method ot claim 23 further compr ising the steps 
of: 

receiving an approval signal trom said principal; 
and 

m response to receiving said approval signal, 
authorizing said transaction. 

25. The method ot claim 24 wherein the approval signal 
from the principal is transmitted from a paging de- 
vice which received the notification in response to 
the comparison. 

26. The method of claim 23 further comprising the steps 

of: 

receiving a disapproval signal trom said princi- 
pal; and 

m response to receiving said disapproval sig- 
nal, invalidating said transaction. 

27. The method ot claim 23 turthor comprising the step 
of invalidating said transaction when no signal is re- 
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cowed from said principal in response to said re- 
quest tor approval message. 

28. The method ot claim 22 wherein sard comparing 
step further includes the step of determining wheth- 5 
er parameters included in said second subset of in- 
formation exceed threshold values represented by 
said data included in said profile. 

29. A system tor processing a transaction, the system to 
comprising: 



ther includes means for determining whether pa- 
rameters included in said second subset ot informa- 
tion exceed threshold values represented by said 
data included in said profile. 



a database which receives information associ- 
ated with a transaction initiated by an agent of 
a principal and which stores a profile defined '5 
by said principal; 

a processor which a) retrieves said profile from 
said database based on said information asso- 
ciated with said transaction, and b) compares 
at least a portion ot said information to data in- 
eluded in said profile; and 
a network over which a notrficatron signal is 
transmitted to said princrpal in response to said 
comparison. 

2S 

30. The system of claim 29 wherem said notification sig- 
nal includes a message requesting approval of the 
transaction. 

31. The system ol claim 30 further comprising: so 

an end- user device from which an approval sig- 
nal is transmitted by said principal to said data- 
base; and 

means responsive to receiving said approval 35 
signal at said database, for authorizing said 
transaction. 



32. The system of claim 31 further comprismg a paging 
device which a) receives the notification signal m 40 
response to the comparison, and b) transmits the 
approval signal from the principal 

33. The system ot clami 30 further comprising: 

4S 

an end-user device from which a disapproval 
signal is t ransmitted by said princrpal to said da- 
tabase; and 

means responsive to receiving said disapprov- 
al signal at said database, lor invalidating said so 
transaction. 



34. The system of claim 30 further comprising means 
tor invalidating said transaction when no signal is 
received from said principal in response to said re- 55 
quest lor approval message. 

35. The syslem of claim 29 wherem said processor fur- 
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(57) An automated method lor alerting a customer 
that a transaction is being initiated and for authorizing 
the transaction based on a confirmation/approval by the 
customer thereto. In accordance with one illustrative 
embodiment, a request to authorize the transaction is 
received/wherein the request includes a customer iden- 
tifier, a determination is made whether to authorize the 
transaction based on the customer identifier, it the de- 
termination is to authorize the transaction, that tact is 
communicated to the customer; a confirmation that the 
transaction should, in fact, be authorized is received 
back from the customer, and the transaction is author- 
ized in response to the customer's confirmation thereof. 
In accordance with another illustrative embodiment, a 
transaction initiated by an agent of the customer (i.e., 
the principal) is authorized by the principal when one or 
more threshold parameters that may be pre-defined by 
the principal are exceeded. A preferred method of alert- 
ing the customer and receiving a confirmation to author- 
ize the transaction back from the customer is illustrative- 
ly afforded by conventional two-way pagers. 
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